Virtualizing Microsoft Active Directory

OK, so I’ll admit that I have a problem…I’m a VIOPS junky.  A few of my previous posts have been based on resources from this great site but hey can you blame me?  There is a wealth of good information available on all things VMware and this particular article is no exception.

In a lot of the server virtualization environments I encounter the topic of virtualizing AD is in some form of contention.  A number of people have a subset of their domain controllers virtualized while others have all of them virtual, but in either case there is usually always an underlying tone of insecurity around the topic and a lot of misinformation.

I’m a firm believer in the saying that no 2 environments are alike and ultimately every aspect of infrastructure design needs to be carefully weighed against the details at hand.  While this topic is no different the information in this article should help to dispel some common misconceptions and therefore assist in making a more educated decision around virtualizing such a critical component as Active Directory.

http://viops.vmware.com/home/docs/DOC-1223
 

Thanks to Steve Chambers for this great information.

Best Practices for VMware Data Recovery (VDR)

I have referenced Desmond Chan’s blogs in the past, mainly around the configuration of an SRM demo environment, but here is another valuable resource on how to configure a Data Recovery Dedupe Store in vSphere.  

The following article is from the VMware VIOPS site and may require a logon to access.  If you don’t have one I highly recommend registering as there is a lot of free, valuable information available from this site.

http://viops.vmware.com/home/docs/DOC-1551

XenDesktop 3.1 Agent

A new XenDesktop agent, version 3.1, is due out this week.  Listed below are some of the issues resolved with this latest release:

1. Redirected COM ports cannot be accessed outside of a user’s logon session. This enhancement allows you to issue a “net use com4: \\client\com1″ command to add a global device link named “COM4″ to the redirected COM1 port, allowing processes outside of the user’s logon session to access the COM port. To enable this enhancement, you must set the following registry key:HKEY_LOCAL_MACHINE\Software\Citrix\PortICA\Serial
   Name: CreateGlobalDevice
   Type: REG_DWORD
   Data: <greater than zero>

   [From XDE310VDA002][#206151]

2. After reconnecting to a disconnected session, mapped COM ports might no longer be available.[From XDE300VDA002][#208370]
3. Printers do not autocreate when a virtual desktop agent is started from a halted state instead of from an idle state.[From XDE300VDA002][#208395]
4. After installing Version 3.1 (Build 3231) of the virtual desktop agent, logon times might take in excess of one minute.[From XDE300VDA002][#210159]
5. After installing Version 3.1 (Build 3231) of the virtual desktop agent on Windows XP, the Citrix Audio Service fails to start.[From XDE300VDA002][#210166]
6. After configuring XenDesktop according to Knowledge Center Article CTX118976 (Configuring XenDesktop to Function Properly Without an Organizational Unit in Active Directory), the virtual desktop agent fails to register.[From XDE300VDA002][#210798]

Citrix Troubleshooting Tools

Here is a great Knowledge Center article which outlines a comprehensive list of troubleshooting tools for the majority of Citrix products and technologies.

http://support.citrix.com/article/CTX107572

VMware Visio and PowerPoint Resources

At the core of any well built and maintained environment is good documentation.  With many organizations looking to upgrade to vSphere it becomes very important to have a map of where you’re going and where you came from…in other words have a clear understanding of your current environment and then what it will take to get it upgraded.

The following resources from the VMware VIOPS site should assist in documenting and communicating the configuration and details of a VMware ESX environment.  Notice the emphasis on communicating…after all, if you want the latest bells and whistles it may become necessary to “sell” the upgrade internally so the work and possible associated expense can be justified against the needed improvements in performance and functionality.

http://viops.vmware.com/home/docs/DOC-1338
 - PowerPoint Library of VMware Icons & Diagrams

http://viops.vmware.com/home/docs/DOC-1514
 - Visio Stencils for vSphere

Note that you may need to create a logon for the VIOPS site to access this content.

VDI: Monitoring and the End User Experience

Probably one of the most overused phrases when you talk about anything user facing in IT, I’m guilty as well, is the “end user experience”.  As overused as this saying is there are some important points that it raises especially when the goal is to replace workstations with a centrally hosted infrastructure.

A lot of organizations want to move to a VDI environment and with that a lot of consideration is given to such points as how many virtual workstations can be hosted on a single server, what type of storage to use, the hypervisor, and while all these are valid concerns there isn’t typically much attention given to monitoring the solution once implemented.  This is arguably more critical in a VDI or SBC environment because a lot more demand is placed on the overall infrastructure and stress points are made considerably more visible to end users.  With a physical PC a user may notice a network issue if a file takes longer than usual to download, but in a VDI environment the same network issue could cause them to loose the ability to use their workstation period.  These types of issues could go unreported out of repeated frustration causing a huge problem with something that if caught early and addressed could have been easily avoided…if only it were visible.  So how do you ensure that users will be happy with using their hosted desktop and not demand their old workstation back?

Citrix has a great monitoring solution for their XenApp and XenDesktop platforms, i.e. EdgeSight, but what about if your using an offering from a different vendor?  Liquidware Labs makes some interesting products around virtualization but specifically their Stratusphere software is labeled as a VDI assessment tool which assists with keeping the pulse of your overall environment both physical and virtual. 

http://www.liquidwarelabs.com/solutions/stratusphere.asp

Stratusphere runs as a virtual appliance at the virtual network layer and is managed from a web console hosted from the same VM.  The appliance integrates with Active Directory and can be deployed along or in conjunction with Connector ID, a separate technology unique to Stratusphere which can add a non-intrusive digital fingerprint to each network packet associated with physical or virtual system, application, or user connections.  This fingerprint allows the software to provide visibility into each IP packet facilitating complete monitoring of, dare I say it again, the end user experience.  There is also the ability to map application dependencies from the desktop to the backend infrastructure as well as track response times for all layers.  Based on the initial numbers listed on their site the Stratusphere solution also looks to be reasonably priced.

Hopefully I will be able to get a trial version of the software installed in the near future, as the ‘Try it Now’ link states “Coming soon” but in the meantime there is a lot of good product information accessible from their site.